BJ Freeman wrote:
>
> http://docs.ofbiz.org/display/OFBTECH/OFBiz+security
>
> Milind W sent the following on 7/29/2008 7:58 PM:
>> hi,
>> Security Permissions
>> I am using ofbiz rev.79258
>> I want to understand how security works so I made the following
>> modifications to hello1
>> 1)I added base-permission="OFBTOOLS" to the ofbiz-component.xml
>> I could still see the application I was assuming the application would as
>> me to login or prevent me from seeing the page.
>> 2)I added <security> to the main request
>> <request-map uri="main">
>> <security https="false" auth="true"/>
>> <response name="success" type="view" value="main"/>
>> </request-map>
>> This displays "java.lang.NullPointerException" in the browser.
>> How do permissions precedence work starting from the UI to the entity
>> layer.
>> Help appreciated.
>> Thanks
>> -Milind
>>
>> Here is the log
>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>> RequestHandler.java:243:INFO ] [Processing Request]: main
>> sessionId=6E6BB45A4B5AB75A10A9B9404FA622A5.jvm1
>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>> RequestManager.java:159:WARN ] [RequestManager.getEventType] Type of
>> event
>> for request "checkLogin" not found
>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>> RequestManager.java:146:WARN ] [RequestManager.getEventPath] Path of
>> event
>> for request "checkLogin" not found
>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>> RequestManager.java:172:WARN ] [RequestManager.getEventMethod] Method of
>> event for request "checkLogin" not found
>> 2008-07-29 19:07:17,031 (http-0.0.0.0-8080-1) [
>> ControlServlet.java:205:ERROR]
>> ---- runtime exception report
>> --------------------------------------------------
>> Error in request handler:
>> Exception: java.lang.NullPointerException
>> Message: null
>> ---- stack trace
>> ---------------------------------------------------------------
>> java.lang.NullPointerException
>> javolution.util.FastMap.getEntry(Unknown Source)
>> javolution.util.FastMap.containsKey(Unknown Source)
>> org.ofbiz.webapp.control.RequestManager.getHandlerClass(RequestManager.java:78)
>> org.ofbiz.webapp.event.EventFactory.loadEventHandler(EventFactory.java:102)
>> org.ofbiz.webapp.event.EventFactory.getEventHandler(EventFactory.java:86)
>> org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:453)
>> org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:259)
>> org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:198)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
>> javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>> org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:255)
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:568)
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
>> java.lang.Thread.run(Thread.java:595)
>> --------------------------------------------------------------------------------
>>
>>
>>
>>
>>
>
>
>
http://www.opensourcestrategies.com/ofbiz/security.php
http://www.opensourcestrategies.com/ofbiz/security.php
--
View this message in context:
http://www.nabble.com/how-to-set-security-and-permissions-precedence-tp18725310p18726014.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
